Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Will there be a production version in the future? #1

Open
rsenger2 opened this issue Mar 10, 2015 · 6 comments
Open

Will there be a production version in the future? #1

rsenger2 opened this issue Mar 10, 2015 · 6 comments

Comments

@rsenger2
Copy link

I just managed to get this to work, after changing RRtype to 61 and removing base64 decoding of the keys.

My question, is this considered to be experimental only and forever, or will there be an update that can deal with multipart messages (especially, pgp signed messages delivered from an email client) and maybe dlv (I still need to use dlv.isc.org trust anchor...)?

I understand that real end-to-end encryption requires client side encryption, but I think this milter is interesting if the mail server is trusted (e.g. for companies).
@letoams
Copy link
Owner

letoams commented Mar 11, 2015

On Tue, 10 Mar 2015, rsenger2 wrote:

I just managed to get this to work, after changing RRtype to 61 and removing base64 decoding of the keys.

My question, is this considered to be experimental only and forever, or will there be an update that can deal with multipart
messages (especially, pgp signed messages delivered from an email client) and maybe dlv (I still need to use dlv.isc.org trust
anchor...)?

I'm happy to work on bugs and maintain it - I do plan to pick this up
for a much needed update soon. I would really need some help if we
dive into the more complicated context parsing code. Someone with
more MIME experience for picking the right python modules and handling
code would be appreciated. It's not my area of expertise.

I understand that real end-to-end encryption requires client side encryption, but I think this milter is interesting if the mail
server is trusted (e.g. for companies).

It is still very useful. For instance when you have an mobile phone that
sends email via IMAP over TLS to your mailserver, which can then encrypt
it using OPENPGP.

@DanWin
Copy link
Contributor

DanWin commented Apr 13, 2019

I'm working on an updated version of this and added multipart support to my fork: https://github.com/DanWin/openpgpkey-milter

@letoams
Copy link
Owner

letoams commented Apr 13, 2019 via email

@DanWin DanWin mentioned this issue Apr 22, 2019
Merged
@ne20002
Copy link
Contributor

ne20002 commented Sep 18, 2023
edited
Loading

I'll give it a few enhancement the next time.
Most email apps do have really good support of PGP encryption lately (Thunderbird, K9, ..) but I got a use case where the milter is really a benefit. :)
I run my own little instance of a Fediverse server along with my own mail server. A user asked if it would be possible to add pgp encryption for mail send by the system (mostly notification). I believe, using the milter will cover at least the 'simple' use cases much better.
This is on my list
[/] add config file
[/] allow skipping processing for domains
[/] allow skipping processing for configured recipients (not the whole domain)
[ ] add an additional query to keys.openpgp.org (as many users of public email providers don't have the option to add dns entries or email providers run a wkd)
[ ] cover the use case where there are recipients with and without pgp key by splitting the email and send one unencrypted and one encrypted

@letoams
Copy link
Owner

letoams commented Sep 19, 2023 via email

@ne20002
Copy link
Contributor

ne20002 commented Sep 19, 2023

I got a few chnages running but I need further testing.
I changed order of resolving to 1st OPENPGPKEY DNS entry as this is the most secure option, if none found try to find key with WKD. And I added an optional query to keys.openpgp.org as this key server at least verifys the email addresses of uploaded keys. I call it with https (vks), not HKP. HKP servers seems to be filled with bogus keys.
A local keyring may reduce calls or resolving but may also hold outdated keys very fast so checking on every message seems to be the way at the moment.

I also realized that the use cases a (as no key for any recipient) and b (keys for all recipients) are easily to handle but the case c (keys for only some of the recipients) seems to not be solvable with a milter as it can't split messages into two. So 'letting go plaintext' is the only option here. But I will give some analyses on postfix content filters. maybe there is a solution.

At least, for my use case, where messages mostly have only single recipients, the milter works well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@letoams @DanWin @rsenger2 @ne20002